<?php

function lookupConsumer($provider) {
	$provider->consumer_secret = "ohYah7phacheifooWufahVeehieNguek";
	return OAUTH_OK;
}

function tokenHandler($provider) {
	$provider->token_secret = "";
	return OAUTH_OK;
}

function timestampNonceChecker($provider) {
	if($provider->nonce=="bad") {
		return OAUTH_BAD_NONCE;
	} else if($provider->timestamp=="0") {
		return OAUTH_BAD_TIMESTAMP;
	}
	return OAUTH_OK;
}

function validate_coin_oauth($get,$post,$body)
{
	// first check the oauth signature
	try
	{
		$provider = new OAuthProvider();
		$provider->removeRequiredParameter('oauth_token');
		$provider->consumerHandler('lookupConsumer');
		$provider->tokenHandler('tokenHandler');
		$provider->timestampNonceHandler('timestampNonceChecker');
		$provider->checkOAuthRequest();
	}
	catch (OAuthException $E) 
	{
		echo $provider->reportProblem($E,false);
		#echo $E->__toString();
		return False;
	}

	// now check the the body, if present
	if ( array_key_exists('oauth_body_hash',$get) )
	{
		$hash = base64_encode( sha1($body,true) );
		if ( $hash != $get['oauth_body_hash'] )
		{
			print "Body hash verification failed!\n";
			print "Found $hash, expected {$get['oauth_body_hash']}\n";
			return False;
		}
	}

	return True;
}
?>
